cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-3983,https://securityvulnerability.io/vulnerability/CVE-2023-3983,SQL Injection Vulnerability in Advantech iView by Advantech,"An SQL injection vulnerability exists in Advantech iView that allows authenticated attackers to bypass security checks. By exploiting this flaw, attackers can execute blind SQL injection attacks, potentially compromising the integrity and confidentiality of the database. This vulnerability affects all versions of Advantech iView prior to v5.7.4 build 6752, underscoring the importance of timely updates and security measures to safeguard sensitive data.",Advantech,Advantech Iview,8.8,HIGH,0.0014299999456852674,false,,false,false,false,,,false,false,,2023-07-31T00:00:00.000Z,0
CVE-2022-3323,https://securityvulnerability.io/vulnerability/CVE-2022-3323,SQL Injection Vulnerability in Advantech iView Solutions,"An SQL injection vulnerability has been identified in Advantech iView, specifically in the ConfigurationServlet endpoint which operates on TCP port 8080 by default. This issue allows unauthenticated remote attackers to exploit the setConfiguration action by crafting a malicious column_value parameter. This manipulation bypasses the intended SQL injection checks, enabling attackers to potentially access sensitive information, such as the iView admin password. Organizations using iView 5.7.04.6469 should prioritize remediation to safeguard against potential vulnerabilities.",Advantech,Advantech Iview,7.5,HIGH,0.002050000010058284,false,,false,false,false,,,false,false,,2022-09-27T23:15:00.000Z,0
CVE-2021-22652,https://securityvulnerability.io/vulnerability/CVE-2021-22652,Unauthenticated Remote Code Execution in Advantech iView by Advantech,"A vulnerability exists in Advantech iView versions prior to v5.7.03.6112, where missing authentication measures can be exploited by an unauthorized attacker to alter system configurations. This flaw may potentially allow attackers to execute arbitrary code, leading to significant security risks for affected systems. Organizations using these versions should prioritize upgrading their software to mitigate potential threats.",Advantech,Advantech Iview,9.8,CRITICAL,0.8898500204086304,false,,false,false,false,,,false,false,,2021-02-11T16:06:38.000Z,0
CVE-2021-22656,https://securityvulnerability.io/vulnerability/CVE-2021-22656,Directory Traversal Vulnerability in Advantech iView,"Advantech iView versions before v5.7.03.6112 are susceptible to a directory traversal vulnerability. This weakness enables attackers to manipulate file paths, potentially gaining access to sensitive files on the server. By exploiting this flaw, an unauthorized attacker could read system files that are typically restricted, posing significant risks to data confidentiality and system integrity. To remediate this issue, it is essential for users of affected versions to upgrade to a patched version of the software to protect their systems from possible attacks.",Advantech,Advantech Iview,7.5,HIGH,0.14305000007152557,false,,false,false,false,,,false,false,,2021-02-11T16:06:31.000Z,0
CVE-2021-22658,https://securityvulnerability.io/vulnerability/CVE-2021-22658,SQL Injection Vulnerability in Advantech iView Products,"Advantech iView, specifically versions earlier than v5.7.03.6112, is exposed to a SQL injection vulnerability, which could enable attackers to elevate their privileges to that of an 'Administrator'. This flaw poses a significant risk, allowing unauthorized users to gain access to sensitive functionalities within the application.",Advantech,Advantech Iview,9.8,CRITICAL,0.010289999656379223,false,,false,false,false,,,false,false,,2021-02-11T16:06:25.000Z,0
CVE-2021-22654,https://securityvulnerability.io/vulnerability/CVE-2021-22654,SQL Injection Vulnerability in Advantech iView Software,"Advantech iView versions before v5.7.03.6112 are susceptible to a SQL injection vulnerability that may allow unauthorized attackers to access sensitive information, potentially leading to data breaches and compromised system integrity.",Advantech,Advantech Iview,7.5,HIGH,0.032990001142024994,false,,false,false,false,,,false,false,,2021-02-11T16:06:18.000Z,0
CVE-2020-16245,https://securityvulnerability.io/vulnerability/CVE-2020-16245,Path Traversal Vulnerability in Advantech iView Products,"Advantech iView, in versions 5.7 and earlier, is impacted by a path traversal vulnerability. This allows attackers to manipulate file paths and potentially create or download arbitrary files on the server. Exploiting this vulnerability may lead to a limitation of system availability and could enable remote code execution, which poses significant risks to the integrity and security of affected systems.",Advantech,Advantech Iview,9.8,CRITICAL,0.1474200040102005,false,,false,false,false,,,false,false,,2020-08-25T18:03:49.000Z,0
CVE-2020-14501,https://securityvulnerability.io/vulnerability/CVE-2020-14501,Improper Authentication Vulnerability in Advantech iView Solution,"Advantech iView versions up to 5.6 contain a vulnerability due to improper authentication for critical functions. This weakness allows attackers to gain unauthorized access, potentially revealing user table information, including sensitive administrator credentials in clear text. Additionally, it could allow an attacker to delete an existing administrator account, further compromising system integrity and security.",Advantech,Advantech Iview,9.8,CRITICAL,0.005280000157654285,false,,false,false,false,,,false,false,,2020-07-15T02:19:48.000Z,0
CVE-2020-14503,https://securityvulnerability.io/vulnerability/CVE-2020-14503,Improper Input Validation in Advantech iView Software,"Advantech iView versions up to 5.6 exhibit a vulnerability due to improper input validation. Malicious actors could exploit this weakness to execute arbitrary code remotely, potentially compromising the integrity and availability of affected systems.",Advantech,Advantech Iview,9.8,CRITICAL,0.012959999963641167,false,,false,false,false,,,false,false,,2020-07-15T02:15:13.000Z,0
CVE-2020-14499,https://securityvulnerability.io/vulnerability/CVE-2020-14499,Improper Access Control Vulnerability in Advantech iView from Advantech,"Advantech iView, up to version 5.6, is impacted by an improper access control vulnerability that could allow unauthorized users to gain access to sensitive user account credentials. This flaw presents a significant risk, as attackers may exploit it to compromise sensitive information, leading to potential data breaches and unauthorized activities within the system. Organizations using affected versions must prioritize patching and updating their software to mitigate this security risk.",Advantech,Advantech Iview,7.5,HIGH,0.014550000429153442,false,,false,false,false,,,false,false,,2020-07-15T02:11:10.000Z,0
CVE-2020-14505,https://securityvulnerability.io/vulnerability/CVE-2020-14505,Command Injection Flaw in Advantech iView Products,"Advantech iView versions 5.6 and earlier are susceptible to a command injection vulnerability, which allows attackers to manipulate HTTP GET or POST requests. By exploiting this flaw, an attacker could craft a command string that lacks proper validation, potentially leading to unauthorized remote code execution on the affected system. This vulnerability poses significant security risks as attackers could gain access to sensitive information or control over the system. Organizations using affected versions should prioritize applying relevant security patches and implementing stringent security measures.",Advantech,Advantech Iview,9.8,CRITICAL,0.004840000066906214,false,,false,false,false,,,false,false,,2020-07-15T01:59:33.000Z,0
CVE-2020-14497,https://securityvulnerability.io/vulnerability/CVE-2020-14497,SQL Injection Vulnerabilities in Advantech iView Software,"Advantech iView software versions 5.6 and earlier are susceptible to multiple SQL injection vulnerabilities. These flaws allow an attacker to manipulate SQL queries through user-controlled strings, potentially leading to unauthorized access to sensitive data, including user credentials. Exploiting these vulnerabilities could enable an attacker to read or modify critical information and execute code remotely, thus posing significant risks to data integrity and confidentiality.",Advantech,Advantech Iview,9.8,CRITICAL,0.09025000035762787,false,,false,false,false,,,false,false,,2020-07-15T01:50:54.000Z,0
CVE-2020-14507,https://securityvulnerability.io/vulnerability/CVE-2020-14507,Path Traversal Vulnerability in Advantech iView Versions,"The iView product by Advantech, versions 5.6 and prior, is vulnerable to multiple path traversal flaws. These vulnerabilities may allow an attacker to manipulate file paths, leading to the creation or download of arbitrary files on the server. This can result in compromised system availability and the potential for remote code execution. Proper validation of input paths is essential to mitigate these risks.",Advantech,Advantech Iview,9.8,CRITICAL,0.0071000000461936,false,,false,false,false,,,false,false,,2020-07-15T01:48:12.000Z,0